<?
include "configs/email.php";
$action = new Action();
class Action
{
	function Action()
	{
		global $gAct,$gOp;
		switch($gOp)
		{
			case "doLogin":
				$this->doLogin();
				break;
			case "findPass":
			    $this->findPass();
			    break;
			case "uppwd":
			    $this->uppwd();
			    break;
			default:
				$this->show();
				break;
		}
		
	}
	function findPass()
	{
		global $gCurTime,$gWeb,$DB,$GIp,$CONF,$INCOME,$GJson;
		if($INCOME['e'] && $gWeb->is_email($INCOME['e']))
		{
			$user = $DB->db_query_first("select * from admin_info where email='".$INCOME['e']."'");
			if($user)
			{
				$newPsss = substr(md5(time()),0,6);
				$DB->db_query("update admin_info set pass='".md5($newPsss)."' where id=".$user['id']);
				$isSuccess = smtp_mail($INCOME['e'], "内容厨房 密码找回","感谢您使用内容厨房，已经帮您找回密码，请使用登入<br/>用户名：".$user['name']."<br/>密码：".$newPsss,$user['name']); 
				if($isSuccess)
				{
					echo $GJson->encode(array("st"=>"ok","msg"=>"发送成功"));
				}
				else
				{
					echo $GJson->encode(array("st"=>"err","msg"=>"发送失败"));
				}
			}
			else
			{
				echo $GJson->encode(array("st"=>"err","msg"=>"发送失败,该邮箱没有注册"));
			}
		}
		else
		{
			echo $GJson->encode(array("st"=>"err","msg"=>"发送失败,邮箱格式不正确"));
		}
	}
	function show()
	{
		global $gSmarty,$gAct,$gOp,$INCOME;
		$gSmarty->display($gAct.".tpl");
	}
	public function urlLogin($src)
	{
		global $gCurTime,$gWeb,$DB,$GIp,$CONF;
		$key = rawurldecode($_GET['k']);

		$encrypt = $gWeb->passportDecrypt($key,$CONF['dbkey']); 
		//echo $encrypt;
		$arr = explode(",,",$encrypt);
		//var_dump($arr);
       
        $r = $DB->db_query_first("SELECT * FROM admin_info where id=".$arr[0]." and pass='".$arr[1]."'");
        //echo $arr[1];
		if($r)
		{
			if($r['id'])
			{
					$this->checkIsOk($r);
 
					$fields['lastLoginTime'] = $gCurTime;
					$fields['loginCount'] = $r['loginCount']+1;
					$fields['loginIp'] = $GIp;
					$DB->db_form_update("admin_info",$fields,"id=".$r['id']);
					$sql = "SELECT * FROM admin_role where id=".$r['roleId'];
					$role = $DB->db_query_first($sql);
					$r['auth'] = $role['auth'];
					$_SESSION['adminUser'] = $r;
					$success = true;
					if($src==2)
					{
						$gWeb->redirect("?act=main");
					}
					else
					{
						$gWeb->redirect("?act=main&do=openAppWin&bid=".$arr[2]);
					}
			}
		}
		 
 
	}
	function checkIsOk($r)
	{
		global $gWeb,$INCOME;
		if($r['isBanUse']=='1'  && $r['roleId']!=1)
		{
			if($INCOME['src']=="m")
			{
				echo "<script>parent.result(3);</script>";
			}
			else
			{
				//$gWeb->showMsg("帐号已被禁用！","?act=login");
				echo '{"st":"n","msg":"账号不存在"}';
			}
			exit;
		}
        
// 		if(time() > strtotime($r['validDate']) && $r['roleId']!=1)
// 		{
			 
// 			$gWeb->showMsg("帐号已过期！","?act=login");exit;
// 		}
	}
	function doLogin()
	{
		global $gSmarty,$gAct,$gOp,$INCOME,$DB,$gCurTime,$GIp,$gWeb,$_SESSION,$GJson;
		if($INCOME['src']=="email")
		{
			$this->urlLogin(0);exit;
		}
		else if($INCOME['src']=="email2")
		{
 			$this->urlLogin(2);exit;
		}
		$user = $INCOME['username'];
		$pass = $INCOME['password'];
		$valicode = strtolower($INCOME['valicode']);
		$success = false;		
		if(empty($valicode) || $valicode !=$_SESSION['SafeCode'])
		{
			$pass = md5($pass);
	        //echo $pass;exit;
			$sql = "select * from admin_info where name='$user' and pass='$pass'";
			$r = $DB->db_query_first($sql);
			if($r)
			{
 				$this->checkIsOk($r);
				$fields['lastLoginTime'] = $gCurTime;
				$fields['loginCount'] = $r['loginCount']+1;
				$fields['loginIp'] = $GIp;
				$DB->db_form_update("admin_info",$fields,"id=".$r['id']);
				$sql = "SELECT * FROM admin_role where id=".$r['roleId'];
				$role = $DB->db_query_first($sql);
				$r['auth'] = $role['auth'];
				$_SESSION['adminUser'] = $r;
				$success = true;
				$DB->db_query("insert log_login(uid,uname,addTime)values('".$_SESSION['adminUser']['id']."','".$_SESSION['adminUser']['name']."','".$gCurTime."')");
				 
			}
		}
		/* else
		{
			$gWeb->showMsg("验证码错误！","?act=login");
			exit;
		} */
		if($success)
		{
			
			if($user=='国家地理' or $user=='Mark.Liu' or $user=='mark.liu'){
				
			}else {
				echo $GJson->encode(array("st"=>"o","msg"=>"管理员无需更新"));exit;
			}
			if(empty($r['uppwd_time'])){
				if($r['email']){
					$newPsss = substr(md5(time()),0,6);
					$DB->db_query("update admin_info set pass='".md5($newPsss)."' where id=".$r['id']);
					$DB->db_query("update admin_info set uppwd_time='".$gCurTime."' where id=".$r['id']);
					$isSuccess = smtp_mail($r['email'], "内容厨房 密码更新","感谢您使用内容厨房，请使用新的密码登入<br/>用户名：".$r['name']."<br/>密码：".$newPsss); 
					$email = $r['email'];
					echo $GJson->encode(array("st"=>"y","msg"=>"你的密码已更新,已发到你的邮箱:$email,请使用新密码登录"));
				}else{
					$id = $r['id'];//无用
					echo $GJson->encode(array("st"=>"e","msg"=>"没有邮箱","id"=>"$id"));
				}
			}else{
				$uppwd_time = $r['uppwd_time'];
				$r = $DB->db_query_first("SELECT datediff( '$gCurTime', '$uppwd_time' ) as days ");
				if($r['days'] > 90) {
					if($r['email']){
						$newPsss = substr(md5(time()),0,6);
						$DB->db_query("update admin_info set pass='".md5($newPsss)."' where id=".$r['id']);
						$DB->db_query("update admin_info set uppwd_time='".$gCurTime."' where id=".$r['id']);
						$isSuccess = smtp_mail($r['email'], "内容厨房 密码更新","感谢您使用内容厨房，请使用新的密码登入<br/>用户名：".$r['name']."<br/>密码：".$newPsss); 
						$email = $r['email'];
						echo $GJson->encode(array("st"=>"y","msg"=>"你的密码已更新,已发到你的邮箱:$email,请使用新密码登录"));
					}else {
						$id = $r['id'];//无用
						echo $GJson->encode(array("st"=>"e","msg"=>"没有邮箱","id"=>"$id"));
					}
				}else{
					echo $GJson->encode(array("st"=>"o","msg"=>"登录成功无需更新密码"));
				}
			}
			
			
		}
		else
		{
			//$gSmarty->display($gAct.".tpl");
			/* if($INCOME['src']=="m")
			{
				echo "<script>parent.result(2);</script>";
			}
			else
			{
				$gWeb->showMsg("用户名或密码错误！","?act=login");
			} */
			echo $GJson->encode(array("st"=>"n","msg"=>"登录失败,用户名或密码错误"));
		}
	}
	function uppwd()
	{
		global $gCurTime,$gWeb,$DB,$GIp,$CONF,$INCOME,$GJson;
		if($INCOME['e'] && $gWeb->is_email($INCOME['e']))
		{
			
			$user = $DB->db_query_first("select * from admin_info where name='".$INCOME['name']."'");
			if(!$user){
				echo $GJson->encode(array("st"=>"err","msg"=>"没有这个用户"));exit;
			}
			$newPsss = substr(md5(time()),0,6);
			$DB->db_query("update admin_info set pass='".md5($newPsss)."' where name='".$INCOME['name']."'");
			$DB->db_query("update admin_info set email='".$INCOME['e']."' where name='".$INCOME['name']."'");
			$DB->db_query("update admin_info set uppwd_time='".$gCurTime."' where name='".$INCOME['name']."'");
			
			$isSuccess = smtp_mail($INCOME['e'], "内容厨房 密码更新","感谢您使用内容厨房，请使用新的密码登入<br/>用户名：".$user['name']."<br/>密码：".$newPsss); 
			if($isSuccess)
			{
				echo $GJson->encode(array("st"=>"ok","msg"=>"发送成功"));
			}
			else
			{
				echo $GJson->encode(array("st"=>"err","msg"=>"发送失败,请联系管理员"));
			}
			
		}
		else
		{
			echo $GJson->encode(array("st"=>"err","msg"=>"发送失败,邮箱格式不正确"));
		}
	}
}
?>